Identifying cyber threats to mobile-IoT applications in edge computing paradigm

摘要

The malware has become an increasing problem for Mobile-Internet of Things applications in edge computing platform. Variants of malware can be identified once their general characteristics are known and overtly malicious behavior can be identified. Some research has been performed using static analysis in order to identify privacy violating malware for IoT in edge computing. Dynamic analysis can be easily evaded as malware can adapt to avoid detection and has performance overheads. The case where an application lies about its intention for requesting a permission or intentionally violates the user’s expectation of an applications behavior is not so well researched. This research extensively explores the fundamental gap in the current literature in terms of mobile malware. We particularly focus on a greater set of permissions which may be leveraged for other purposes, for example by using sensors to record user credentials or monitoring a user’s movements. This research will attempt to identify such scenarios by employing behavioral analysis to determine when and how permissions are used and static and dynamic analysis to determine the behavior of application logic yet to execute. We proposed two-layer detection engine with hybrid feature analysis. Experimental results with real mobile malware IoT data show that our proposed approach with permission related features outperforms other detection engines.